End-to-end trusted communications infrastructure
First Claim
1. A method of providing secure transmission of medical information via a trusted end-to-end communication link, comprising:
- receiving, by a processor executing in a trusted security zone of a mobile access terminal, an input that is obtained via at least one sensor, wherein the trusted security zone includes a hardware root of trust and a secure partition that receives the input, wherein the input comprises medical data;
- preventing, by execution of the processor in the trusted security zone, applications outside of the trusted security zone from executing on the mobile access terminal, wherein applications that execute outside of the trusted security zone are blocked from accessing the secure partition that received the input;
- generating, by a secure application stored in the secure partition and executing on the processor in the trusted security zone of the mobile access terminal, a message based on the input, and a trust token for transmission via a trusted end-to-end communication link that comprises a plurality of network nodes and a wireless communication link, wherein the trusted end-to-end communication link provides handling of the message in a corresponding trusted security zone of each network node along the trusted end-to-end communication link; and
- transmitting, by the mobile access terminal via the trusted end-to-end communication link, the message and trust token to a medical data server that receives the message by an application that executes in a trusted security zone of the medical data server, wherein the medical data server is one endpoint in the trusted end-to-end communication link with the mobile access terminal and is another endpoint for a second trusted end-to-end communication link to a trusted security zone of a computer system that provides secure access to medical information.
Abstract
A method of delivery of medical data via a trusted end-to-end communication link. The method comprises obtaining a measurement of a parameter of a human being by a first sensor, obtaining a biometric from the human being by a second sensor, receiving input from the first and second sensors by a secure application executing in a trusted security zone of a processor, whereby access to the input from the first and second sensors by applications executing in a normal partition of the processor is blocked, wherein the input from the first and second sensors comprises the measurement of the parameter and the biometric, and transmitting a message based on the input from the first and second sensors via a trusted end-to-end communication link to a medical data server, wherein an application that receives the message executes in a trusted security zone of the server.
21 Claims
11. A method of providing secure access of medical information via a trusted end-to-end communication link, comprising:
- receiving, by a secure application executing in a trusted security zone of a medical data server, a first message via a first trusted end-to-end communication link from a mobile access terminal, wherein the first message is based on an input comprising medical sensor data;
- determining, by the secure application while preventing execution of applications that execute outside of the trusted security zone of the medical data server, that the first message was handled in trusted security zones along the first trusted end-to-end communication link, wherein each trusted security zone includes a hardware root of trust and a secure partition;
- generating, in the trusted security zone by the secure application, a second message based on the input of the first message; and
- transmitting, by the server application via a second trusted end-to-end communication link, the second message to a trusted security zone of a computer system, wherein the computer system is provided secure access to medical information based on transmitting via the second trusted end-to-end communication link.
Specification